1 /*
2 Copyright (C) 2002-2010 Karl J. Runge <runge@karlrunge.com>
3 All rights reserved.
4
5 This file is part of x11vnc.
6
7 x11vnc is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or (at
10 your option) any later version.
11
12 x11vnc is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with x11vnc; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA
20 or see <http://www.gnu.org/licenses/>.
21
22 In addition, as a special exception, Karl J. Runge
23 gives permission to link the code of its release of x11vnc with the
24 OpenSSL project's "OpenSSL" library (or with modified versions of it
25 that use the same license as the "OpenSSL" library), and distribute
26 the linked executables. You must obey the GNU General Public License
27 in all respects for all of the code used other than "OpenSSL". If you
28 modify this file, you may extend this exception to your version of the
29 file, but you are not obligated to do so. If you do not wish to do
30 so, delete this exception statement from your version.
31 */
32
33 #ifndef _X11VNC_ENC_H
34 #define _X11VNC_ENC_H
35
36 /* -- enc.h -- */
37
38 #if 0
39 :r /home/runge/uvnc/ultraSC/rc4/ultravnc_dsm_helper.c
40 #endif
41
42 /*
43 * ultravnc_dsm_helper.c unix/openssl UltraVNC encryption encoder/decoder.
44 * (also a generic symmetric encryption tunnel)
45 * (also a generic TCP relay and supports IPv6)
46 *
47 * compile via:
48
49 cc -O -o ultravnc_dsm_helper ultravnc_dsm_helper.c -lssl -lcrypto
50 cc -DDBG -O -o ultravnc_dsm_helper ultravnc_dsm_helper.c -lssl -lcrypto
51
52 *
53 * See usage below for how to run it.
54 *
55 * Note: since the UltraVNC DSM plugin implementation changes the RFB
56 * (aka VNC) protocol (extra data is sent), you will *ALSO* need to modify
57 * your VNC viewer or server to discard (or insert) this extra data.
58 *
59 * This tool knows nothing about the RFB protocol: it simply
60 * encrypts/decrypts a stream using a symmetric cipher, arc4 and aesv2,
61 * (others have been added, see usage). It could be used as a general
62 * encrypted tunnel:
63 *
64 * any-client <=> ultravnc_dsm_helper <--network--> ultravnc_dsm_helper(reverse mode) <=> any-server
65 *
66 * e.g. to connect a non-ultra-dsm-vnc viewer to a non-ultra-dsm-vnc server
67 * without using SSH or SSL.
68 *
69 * It can also be used as a general TCP relay (no encryption.)
70 *
71 * It supports IPv6 and so can also be used as a IPv6 gateway.
72 *
73 * -----------------------------------------------------------------------
74 * Copyright (C) 2008-2010 Karl J. Runge <runge@karlrunge.com>
75 * All rights reserved.
76 *
77 * This is free software; you can redistribute it and/or modify
78 * it under the terms of the GNU General Public License as published by
79 * the Free Software Foundation; version 2 of the License, or (at
80 * your option) any later version.
81 *
82 * This software is distributed in the hope that it will be useful,
83 * but WITHOUT ANY WARRANTY; without even the implied warranty of
84 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
85 * GNU General Public License for more details.
86 *
87 * You should have received a copy of the GNU General Public License
88 * along with this software; if not, write to the Free Software
89 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
90 * USA or see <http://www.gnu.org/licenses/>.
91 *
92 * In addition, as a special exception, Karl J. Runge gives permission
93 * to link the code of its release of ultravnc_dsm_helper with the
94 * OpenSSL project's "OpenSSL" library (or with modified versions of it
95 * that use the same license as the "OpenSSL" library), and distribute
96 * the linked executables. You must obey the GNU General Public License
97 * in all respects for all of the code used other than "OpenSSL". If you
98 * modify this file, you may extend this exception to your version of the
99 * file, but you are not obligated to do so. If you do not wish to do
100 * so, delete this exception statement from your version.
101 * -----------------------------------------------------------------------
102 */
103
104 static char *usage =
105 "\n"
106 "ultravnc_dsm_helper: a symmetric encryption tunnel. version 0.2\n"
107 "\n"
108 " Created to enable encrypted VNC connections to UltraVNC, it can act as\n"
109 " a general encrypted tunnel between any two applications. It can also\n"
110 " be used as a general TCP relay (i.e. no encryption) or an IPv6 gateway.\n"
111 "\n"
112 "Usage: ultravnc_dsm_helper cipher keyfile listenport remotehost:port\n"
113 " ultravnc_dsm_helper relay listenport remotehost:port\n"
114 " ultravnc_dsm_helper showcert remotehost:port\n"
115 "\n"
116 "e.g.: ultravnc_dsm_helper arc4 ./arc4.key 5901 snoopy.net:5900\n"
117 "\n"
118 " IPv6 is supported: both IPv4 and IPv6 are attempted to listen on (port\n"
119 " 'listenport'.) For connections to remotehost, if IPv4 fails\n"
120 " then IPv6 is tried. Set the env. var ULTRAVNC_DSM_HELPER_NOIPV6\n"
121 " to completely disable the use of IPv6.\n"
122 "\n"
123 "\n"
124 " cipher: specify 'msrc4', 'msrc4_sc', 'arc4', 'aesv2', 'aes-cfb',\n"
125 " 'aes256', 'blowfish', '3des', 'securevnc'.\n"
126 "\n"
127 " Also 'none', 'relay', or 'showcert'. See below for details.\n"
128 "\n"
129 " 'msrc4_sc' enables a workaround for UVNC SC -plugin use.\n"
130 " (it might not be required in SC circa 2009 and later; try 'msrc4'.)\n"
131 "\n"
132 " use 'securevnc' for SecureVNCPlugin (RSA key exchange). 'keyfile' is\n"
133 " used as a server RSA keystore in this mode. If 'keyfile' does not\n"
134 " exist the user is prompted whether to save the key or not (a MD5\n"
135 " hash of it is shown) If 'keyfile' already exists the server key\n"
136 " must match its contents or the connection is dropped.\n"
137 "\n"
138 " HOWEVER, if 'keyfile' ends in the string 'ClientAuth.pkey', then the\n"
139 " normal SecureVNCPlugin client key authentication is performed.\n"
140 " If you want to do both have 'keyfile' end with 'ClientAuth.pkey.rsa'\n"
141 " that file will be used for the RSA keystore, and the '.rsa' will be\n"
142 " trimmed off and the remaining name used as the Client Auth file.\n"
143 "\n"
144 " use '.' to have it try to guess the cipher from the keyfile name,\n"
145 " e.g. 'arc4.key' implies arc4, 'rc4.key' implies msrc4, etc.\n"
146 "\n"
147 " use 'rev:arc4', etc. to reverse the roles of encrypter and decrypter.\n"
148 " (i.e. if you want to use it for a vnc server, not vnc viewer)\n"
149 "\n"
150 " use 'noultra:...' to skip steps involving salt and IV to try to be\n"
151 " compatible with UltraVNC DSM, i.e. assume a normal symmetric cipher\n"
152 " at the other end.\n"
153 "\n"
154 " use 'noultra:rev:...' if both are to be supplied.\n"
155 "\n"
156 "\n"
157 " keyfile: file holding the key (16 bytes for arc4 and aesv2, 87 for msrc4)\n"
158 " E.g. dd if=/dev/random of=./my.key bs=16 count=1\n"
159 " keyfile can also be pw=<string> to use \"string\" for the key.\n"
160 " Or for 'securevnc' the RSA keystore and/or ClientAuth file.\n"
161 "\n"
162 "\n"
163 " listenport: port to listen for incoming connection on. (use 0 to connect\n"
164 " to stdio, use a negative value to force localhost listening)\n"
165 "\n"
166 "\n"
167 " remotehost:port: host and port to connect to. (e.g. ultravnc server)\n"
168 "\n"
169 "\n"
170 " Also: cipher may be cipher@n,m where n is the salt size and m is the\n"
171 " initialization vector size. E.g. aesv2@8,16 Use n=-1 to disable salt\n"
172 " and the MD5 hash (i.e. insert the keydata directly into the cipher.)\n"
173 "\n"
174 " Use cipher@md+n,m to change the message digest. E.g. arc4@sha+8,16\n"
175 " Supported: 'md5', 'sha', 'sha1', 'ripemd160'.\n"
176 "\n"
177 "\n"
178 " TCP Relay mode: to connect without any encryption use a cipher type of\n"
179 " either 'relay' or 'none' (both are the equivalent):\n"
180 "\n"
181 " ultravnc_dsm_helper relay listenport remotehost:port\n"
182 " ultravnc_dsm_helper none listenport remotehost:port\n"
183 "\n"
184 " where 'relay' or 'none' is a literal string.\n"
185 " Note that for this mode no keyfile is suppled.\n"
186 " Note that this mode can act as an IPv4 to IPv6 gateway.\n"
187 "\n"
188 " ultravnc_dsm_helper relay 8080 ipv6.beijing2008.cn:80\n"
189 "\n"
190 "\n"
191 " SSL Show Certificate mode: Set the cipher to 'showcert' to fetch\n"
192 " the SSL certificate from remotehost:port and print it to the stdout.\n"
193 " No certificate authentication or verification is performed. E.g.\n"
194 "\n"
195 " ultravnc_dsm_helper showcert www.verisign.com:443\n"
196 "\n"
197 " (the output resembles that of 'openssl s_client ...') Set the env var\n"
198 " ULTRAVNC_DSM_HELPER_SHOWCERT_ADH=1 for Anonymous Diffie Hellman mode.\n"
199 "\n"
200 "\n"
201 " Looping Mode: Set the env. var. ULTRAVNC_DSM_HELPER_LOOP=1 to have it\n"
202 " restart itself after every disconnection in an endless loop. It pauses\n"
203 " 500 msec before restarting. Use ULTRAVNC_DSM_HELPER_LOOP=N to set the\n"
204 " pause to N msec.\n"
205 "\n"
206 " You can also set the env. var. ULTRAVNC_DSM_HELPER_BG to have the\n"
207 " program fork into the background for each connection, thereby acting\n"
208 " as a simple daemon.\n"
209 ;
210
211 /*
212 * We can also run as a module included into x11vnc (-enc option)
213 * The includer must set ENC_MODULE and ENC_HAVE_OPENSSL.
214 *
215 * Note that when running as a module we still assume we have been
216 * forked off of the parent process and are communicating back to it
217 * via a socket. So we *still* exit(3) at the end or on error. And
218 * the global settings won't work.
219 */
220 #ifdef ENC_MODULE
221 # define main __enc_main
222 static char *prog = "enc_helper";
223 #else
224 # define ENC_HAVE_OPENSSL 1
225 static char *prog = "ultravnc_dsm_helper";
226 #endif
227
228 /* unix includes */
229 #include <sys/types.h>
230 #include <sys/stat.h>
231 #include <unistd.h>
232 #include <stdlib.h>
233 #include <unistd.h>
234 #include <stdio.h>
235 #include <fcntl.h>
236
237 #include <string.h>
238 #include <errno.h>
239 #include <signal.h>
240
241 #include <sys/socket.h>
242 #include <netinet/in.h>
243 #include <netinet/tcp.h>
244 #include <arpa/inet.h>
245 #include <netdb.h>
246
247
248 /* Solaris (sysv?) needs INADDR_NONE */
249 #ifndef INADDR_NONE
250 #define INADDR_NONE ((in_addr_t) 0xffffffff)
251 #endif
252
253 /* openssl includes */
254 #if ENC_HAVE_OPENSSL
255 #include <openssl/evp.h>
256 #include <openssl/rand.h>
257 #include <openssl/rsa.h>
258 #include <openssl/err.h>
259 #include <openssl/ssl.h>
260 #include <openssl/rsa.h>
261 static const EVP_CIPHER *Cipher;
262 static const EVP_MD *Digest;
263 #endif
264
265 static char *cipher = NULL; /* name of cipher, e.g. "aesv2" */
266 static int reverse = 0; /* listening connection */
267 static int msrc4_sc = 0; /* enables workaround for SC I/II */
268 static int noultra = 0; /* manage salt/iv differently from ultradsm */
269 static int nomd = 0; /* use the keydata directly, no md5 or salt */
270 static int pw_in = 0; /* pw=.... read in */
271
272
273 /* The data that was read in from key file (or pw=password) */
274 static char keydata[1024];
275 static int keydata_len;
276
277 /* Size of salt and IV; based on UltraVNC DSM */
278 #define SALT 16
279 #define MSRC4_SALT 11
280 #define IVEC 16
281
282 /* Set default values of salt and IV */
283 static int salt_size = SALT;
284 static int ivec_size = IVEC;
285
286 /* To track parent and child pids */
287 static pid_t parent, child;
288
289 /* transfer buffer size */
290 #define BSIZE 8192
291
292 /* Some very verbose debugging stuff I enable for testing */
293 #ifdef DBG
294 # include "dbg.h"
295 #else
296 # define DEC_CT_DBG(p, n)
297 # define DEC_PT_DBG(p, n)
298 # define ENC_CT_DBG(p, n)
299 # define ENC_PT_DBG(p, n)
300 # define PRINT_IVEC
301 # define PRINT_KEYDATA
302 # define PRINT_KEYSTR_AND_FRIENDS
303 # define PRINT_LOOP_DBG1
304 # define PRINT_LOOP_DBG2
305 # define PRINT_LOOP_DBG3
306 #endif
307
308 /* SecureVNCPlugin from: http://adamwalling.com/SecureVNC/ */
309 #define SECUREVNC_RSA_PUBKEY_SIZE 270
310 #define SECUREVNC_ENCRYPTED_KEY_SIZE 256
311 #define SECUREVNC_SIGNATURE_SIZE 256
312 #define SECUREVNC_KEY_SIZE 16
313 #define SECUREVNC_RESERVED_SIZE 4
314 #define SECUREVNC_RC4_DROP_BYTES 3072
315 #define SECUREVNC_RAND_KEY_SOURCE 1024
316 static int securevnc = 0;
317 static int securevnc_arc4 = 0;
318 static char *securevnc_file = NULL;
319
320 static void enc_connections(int, char*, int);
321
322 #if !ENC_HAVE_OPENSSL
323
324 /* In case we are a module and there is no OpenSSL buildtime support */
325
enc_do(char * ciph,char * keyfile,char * lport,char * rhp)326 extern void enc_do(char *ciph, char *keyfile, char *lport, char *rhp) {
327 fprintf(stderr, "%s: not compiled with OpenSSL\n", prog);
328 exit(1);
329 }
330
331 #else
332
333 #if defined(NO_EVP_aes_256_cfb) || (defined (__SVR4) && defined (__sun) && !defined(EVP_aes_256_cfb) && !defined(ASSUME_EVP_aes_256_cfb))
334 /*
335 * For Solaris 10 missing 192 & 256 bit crypto.
336 * Note that EVP_aes_256_cfb is a macro.
337 */
338 #undef EVP_aes_256_cfb
339 #define EVP_aes_256_cfb() EVP_aes_128_cfb(); {fprintf(stderr, "Not compiled with EVP_aes_256_cfb() 'aes256' support.\n"); exit(1);}
340 #endif
341
342 /* If we are a module, enc_do() is the only interface we export. */
343
344
345 /* This works out key type & etc., reads key, calls enc_connections */
346
enc_do(char * ciph,char * keyfile,char * lport,char * rhp)347 extern void enc_do(char *ciph, char *keyfile, char *lport, char *rhp) {
348
349 struct stat sb;
350 char *q, *p, *connect_host;
351 char tmp[16];
352 int fd, len = 0, listen_port = 0, connect_port, mbits;
353
354 q = ciph;
355
356 /* check for noultra mode: */
357 if (strstr(q, "noultra:") == q) {
358 noultra = 1;
359 q += strlen("noultra:");
360 }
361
362 /* check for reverse mode: */
363 if (strstr(q, "rev:") == q) {
364 reverse = 1;
365 q += strlen("rev:");
366 }
367
368 /* work out which cipher and set Cipher to the selected one. */
369 if (!strcasecmp(q, "msrc4")) {
370 Cipher = EVP_rc4(); cipher = "msrc4";
371
372 } else if (!strcasecmp(q, "msrc4_sc")) {
373 Cipher = EVP_rc4(); cipher = "msrc4";
374 msrc4_sc = 1; /* no salt/iv workaround */
375
376 } else if (strstr(q, "arc4") == q) {
377 Cipher = EVP_rc4(); cipher = "arc4";
378
379 } else if (strstr(q, "aesv2") == q || strstr(q, "aes-ofb") == q) {
380 Cipher = EVP_aes_128_ofb(); cipher = "aesv2";
381
382 } else if (strstr(q, "aes-cfb") == q) {
383 Cipher = EVP_aes_128_cfb(); cipher = "aes-cfb";
384
385 } else if (strstr(q, "aes256") == q) {
386 Cipher = EVP_aes_256_cfb(); cipher = "aes256";
387
388 } else if (strstr(q, "blowfish") == q) {
389 Cipher = EVP_bf_cfb(); cipher = "blowfish";
390
391 } else if (strstr(q, "3des") == q) {
392 Cipher = EVP_des_ede3_cfb(); cipher = "3des";
393
394 } else if (strstr(q, "securevnc") == q) {
395 Cipher = EVP_aes_128_ofb(); cipher = "securevnc";
396 securevnc = 1;
397
398 } else if (strstr(q, "none") == q || strstr(q, "relay") == q) {
399 cipher = "none";
400
401 } else if (strstr(q, "showcert") == q) {
402 cipher = "showcert";
403
404 } else if (strstr(q, ".") == q) {
405 /* otherwise, try to guess cipher from key filename: */
406 if (strstr(keyfile, "arc4.key")) {
407 Cipher = EVP_rc4(); cipher = "arc4";
408
409 } else if (strstr(keyfile, "rc4.key")) {
410 Cipher = EVP_rc4(); cipher = "msrc4";
411
412 } else if (strstr(keyfile, "aesv2.key")) {
413 Cipher = EVP_aes_128_ofb(); cipher = "aesv2";
414
415 } else if (strstr(keyfile, "aes-cfb.key")) {
416 Cipher = EVP_aes_128_cfb(); cipher = "aes-cfb";
417
418 } else if (strstr(keyfile, "aes256.key")) {
419 Cipher = EVP_aes_256_cfb(); cipher = "aes256";
420
421 } else if (strstr(keyfile, "blowfish.key")) {
422 Cipher = EVP_bf_cfb(); cipher = "blowfish";
423
424 } else if (strstr(keyfile, "3des.key")) {
425 Cipher = EVP_des_ede3_cfb(); cipher = "3des";
426
427 } else if (strstr(keyfile, "securevnc.")) {
428 Cipher = EVP_aes_128_ofb(); cipher = "securevnc";
429 securevnc = 1;
430
431 } else {
432 fprintf(stderr, "cannot figure out cipher, supply 'msrc4', 'arc4', or 'aesv2' ...\n");
433 exit(1);
434 }
435 } else {
436 fprintf(stderr, "cannot figure out cipher, supply 'msrc4', 'arc4', or 'aesv2' ...\n");
437 exit(1);
438 }
439
440 /* set the default message digest (md5) */
441 if (!securevnc) {
442 Digest = EVP_md5();
443 } else {
444 Digest = EVP_sha1();
445 }
446
447 /*
448 * Look for user specified salt and IV sizes at the end
449 * ( ciph@salt,iv and ciph@[md+]salt,iv ):
450 */
451 p = strchr(q, '@');
452 if (p) {
453 int s, v;
454 p++;
455 if (strstr(p, "md5+") == p) {
456 Digest = EVP_md5(); p += strlen("md5+");
457 } else if (strstr(p, "sha+") == p) {
458 Digest = EVP_sha(); p += strlen("sha+");
459 } else if (strstr(p, "sha1+") == p) {
460 Digest = EVP_sha1(); p += strlen("sha1+");
461 } else if (strstr(p, "ripe+") == p) {
462 Digest = EVP_ripemd160(); p += strlen("ripe+");
463 } else if (strstr(p, "ripemd160+") == p) {
464 Digest = EVP_ripemd160(); p += strlen("ripemd160+");
465 }
466 if (sscanf(p, "%d,%d", &s, &v) == 2) {
467 /* cipher@n,m */
468 if (-1 <= s && s <= SALT) {
469 salt_size = s;
470 } else {
471 fprintf(stderr, "%s: invalid salt size: %d\n",
472 prog, s);
473 exit(1);
474 }
475 if (0 <= v && v <= EVP_MAX_IV_LENGTH) {
476 ivec_size = v;
477 } else {
478 fprintf(stderr, "%s: invalid IV size: %d\n",
479 prog, v);
480 exit(1);
481 }
482 } else if (sscanf(p, "%d", &s) == 1) {
483 /* cipher@n */
484 if (-1 <= s && s <= SALT) {
485 salt_size = s;
486 } else {
487 fprintf(stderr, "%s: invalid salt size: %d\n",
488 prog, s);
489 exit(1);
490 }
491 }
492 if (salt_size == -1) {
493 /* let salt = -1 mean skip both MD5 and salt */
494 nomd = 1;
495 salt_size = 0;
496 }
497 }
498
499 /* port to listen on (0 => stdio, negative => localhost) */
500 if (lport != NULL) {
501 listen_port = atoi(lport);
502 }
503
504 /* extract remote hostname and port */
505 q = strrchr(rhp, ':');
506 if (q) {
507 connect_port = atoi(q+1);
508 *q = '\0';
509 } else {
510 /* otherwise guess VNC display 0 ... */
511 connect_port = 5900;
512 }
513 connect_host = strdup(rhp);
514
515 /* check for and read in the key file */
516 memset(keydata, 0, sizeof(keydata));
517
518 if (!strcmp(cipher, "none")) {
519 goto readed_in;
520 }
521 if (!strcmp(cipher, "showcert")) {
522 goto readed_in;
523 }
524
525 if (securevnc) {
526 /* note the keyfile for rsa verification later */
527 if (keyfile != NULL && strcasecmp(keyfile, "none")) {
528 securevnc_file = keyfile;
529 }
530 goto readed_in;
531 }
532
533 if (stat(keyfile, &sb) != 0) {
534 if (strstr(keyfile, "pw=") == keyfile) {
535 /* user specified key/password on cmdline */
536 int i;
537 len = 0;
538 pw_in = 1;
539 for (i=0; i < (int) strlen(keyfile); i++) {
540 /* load the string to keydata: */
541 int n = i + strlen("pw=");
542 keydata[i] = keyfile[n];
543 if (keyfile[n] == '\0') break;
544 len++;
545 if (i > 100) break;
546 }
547 goto readed_in;
548 }
549 /* otherwise invalid file */
550 perror("stat");
551 exit(1);
552 }
553 if (sb.st_size > 1024) {
554 fprintf(stderr, "%s: key file too big.\n", prog);
555 exit(1);
556 }
557 fd = open(keyfile, O_RDONLY);
558 if (fd < 0) {
559 perror("open");
560 exit(1);
561 }
562
563 /* read it all in */
564 len = (int) read(fd, keydata, (size_t) sb.st_size);
565 if (len != sb.st_size) {
566 perror("read");
567 fprintf(stderr, "%s, could not read key file.\n", prog);
568 exit(1);
569 }
570 close(fd);
571
572 readed_in:
573
574
575 /* check for ultravnc msrc4 format 'rc4.key' */
576 mbits = 0;
577 if (strstr(keydata, "128 bit") == keydata) {
578 mbits = 128;
579 } else if (strstr(keydata, " 56 bit") == keydata) {
580 mbits = 56;
581 } else if (strstr(keydata, " 40 bit") == keydata) {
582 mbits = 40;
583 }
584 if (mbits > 0) {
585 /* 4 is for int key length, 12 is for BLOBHEADER. */
586 int i, offset = strlen("xxx bit") + 4 + 12;
587
588 /* the key is stored in reverse order! */
589 len = mbits/8;
590 for (i=0; i < len; i++) {
591 tmp[i] = keydata[offset + len - i - 1];
592 }
593
594 /* clear keydata and then copy the reversed bytes there: */
595 memset(keydata, 0, sizeof(keydata));
596 memcpy(keydata, tmp, len);
597 }
598
599 keydata_len = len;
600
601 /* initialize random */
602 RAND_poll();
603
604 /*
605 * Setup connections, then transfer data when they are all
606 * hooked up.
607 */
608 enc_connections(listen_port, connect_host, connect_port);
609 }
610 #endif
611
enc_raw_xfer(int sock_fr,int sock_to)612 static void enc_raw_xfer(int sock_fr, int sock_to) {
613
614 unsigned char buf[BSIZE];
615 unsigned char *psrc = NULL;
616 int len, m, n = 0;
617
618 /* zero the buffers */
619 memset(buf, 0, BSIZE);
620
621 /* now loop forever processing the data stream */
622 while (1) {
623 errno = 0;
624
625 /* general case of loop, read some in: */
626 n = read(sock_fr, buf, BSIZE);
627
628 if (n == 0 || (n < 0 && errno != EINTR)) {
629 /* failure to read any data, it is EOF or fatal error */
630 int err = errno;
631
632 /* debug output: */
633 fprintf(stderr, "%s: input stream finished: n=%d, err=%d", prog, n, err);
634
635 /* EOF or fatal error */
636 break;
637
638 } else if (n > 0) {
639
640 /* write data to the other end: */
641 len = n;
642 psrc = buf;
643 while (len > 0) {
644 errno = 0;
645 m = write(sock_to, psrc, len);
646
647 if (m > 0) {
648 /* scoot them by how much was written: */
649 psrc += m;
650 len -= m;
651 }
652 if (m < 0 && (errno == EINTR || errno == EAGAIN)) {
653 /* interrupted or blocked */
654 continue;
655 }
656 /* EOF or fatal error */
657 break;
658 }
659 } else {
660 /* this is EINTR */
661 }
662 }
663
664 /* transfer done (viewer exited or some error) */
665
666 fprintf(stderr, "\n%s: close sock_to\n", prog);
667 close(sock_to);
668
669 fprintf(stderr, "%s: close sock_fr\n", prog);
670 close(sock_fr);
671
672 /* kill our partner after 1 secs. */
673 sleep(1);
674 if (child) {
675 if (kill(child, SIGTERM) == 0) {
676 fprintf(stderr, "%s[%d]: killed my partner: %d\n",
677 prog, (int) getpid(), (int) child);
678 }
679 } else {
680 if (kill(parent, SIGTERM) == 0) {
681 fprintf(stderr, "%s[%d]: killed my partner: %d\n",
682 prog, (int) getpid(), (int) parent);
683 }
684 }
685 }
686
687 #if ENC_HAVE_OPENSSL
688 /*
689 * Initialize cipher context and then loop till EOF doing transfer &
690 * encrypt or decrypt.
691 */
enc_xfer(int sock_fr,int sock_to,int encrypt)692 static void enc_xfer(int sock_fr, int sock_to, int encrypt) {
693 /*
694 * We keep both E and D aspects in case we revert back to a
695 * single process calling select(2) on all fds...
696 */
697 unsigned char E_keystr[EVP_MAX_KEY_LENGTH];
698 unsigned char D_keystr[EVP_MAX_KEY_LENGTH];
699 EVP_CIPHER_CTX E_ctx, D_ctx;
700 EVP_CIPHER_CTX *ctx = NULL;
701
702 unsigned char buf[BSIZE], out[BSIZE];
703 unsigned char *psrc = NULL, *keystr;
704 unsigned char salt[SALT+1];
705 unsigned char ivec_real[EVP_MAX_IV_LENGTH];
706 unsigned char *ivec = ivec_real;
707
708 int i, cnt, len, m, n = 0, vb = 0, first = 1;
709 int whoops = 1; /* for the msrc4 problem */
710 char *encstr, *encsym;
711
712 /* zero the buffers */
713 memset(buf, 0, BSIZE);
714 memset(out, 0, BSIZE);
715 memset(salt, 0, sizeof(salt));
716 memset(ivec_real, 0, sizeof(ivec_real));
717 memset(E_keystr, 0, sizeof(E_keystr));
718 memset(D_keystr, 0, sizeof(D_keystr));
719
720 if (!strcmp(cipher, "msrc4")) {
721 salt_size = MSRC4_SALT; /* 11 vs. 16 */
722 }
723
724 if (msrc4_sc) {
725 whoops = 1; /* force workaround in SC mode */
726 }
727
728 if (getenv("ENCRYPT_VERBOSE")) {
729 vb = 1; /* let user turn on some debugging via env. var. */
730 }
731
732 /*
733 * reverse mode, e.g. we help a vnc server instead of a viewer.
734 */
735 if (reverse) {
736 encrypt = (!encrypt);
737 }
738 encstr = encrypt ? "encrypt" : "decrypt"; /* string for messages */
739 encsym = encrypt ? "+" : "-";
740
741 /* use the encryption/decryption context variables below */
742 if (encrypt) {
743 ctx = &E_ctx;
744 keystr = E_keystr;
745 } else {
746 ctx = &D_ctx;
747 keystr = D_keystr;
748 }
749
750 if (securevnc) {
751 first = 0; /* no need for salt+iv on first time */
752 salt_size = 0; /* we want no salt */
753 n = 0; /* nothing read */
754 ivec_size = 0; /* we want no IV. */
755 ivec = NULL;
756 } else if (encrypt) {
757 /* encrypter initializes the salt and initialization vector */
758
759 /*
760 * Our salt is 16 bytes but I believe only the first 8
761 * bytes are used by EVP_BytesToKey(3). Since we send it
762 * to the other "plugin" we need to keep it 16. Also,
763 * the IV size can depend on the cipher type. Again, 16.
764 */
765 RAND_bytes(salt, salt_size);
766 RAND_bytes(ivec, ivec_size);
767
768 /* place them in the send buffer: */
769 memcpy(buf, salt, salt_size);
770 memcpy(buf+salt_size, ivec, ivec_size);
771
772 n = salt_size + ivec_size;
773
774 ENC_PT_DBG(buf, n);
775
776 } else {
777 /* decrypter needs to read salt + iv from the wire: */
778
779 /* sleep 100 ms (TODO: select on fd) */
780 struct timeval tv;
781 tv.tv_sec = 0;
782 tv.tv_usec = 100 * 1000;
783 select(1, NULL, NULL, NULL, &tv);
784
785 if (salt_size+ivec_size == 0) {
786 n = 0; /* no salt or iv, skip reading. */
787 } else {
788 n = read(sock_fr, buf, salt_size+ivec_size+96);
789 }
790 if (n == 0 && salt_size+ivec_size > 0) {
791 fprintf(stderr, "%s: decrypt finished.\n", prog);
792 goto finished;
793 }
794 if (n < salt_size+ivec_size) {
795 if (msrc4_sc && n == 12) {
796 fprintf(stderr, "%s: only %d bytes read. Assuming "
797 "UVNC Single Click server.\n", prog, n);
798 } else {
799 if (n < 0) perror("read");
800 fprintf(stderr, "%s: could not read enough for salt "
801 "and ivec: n=%d\n", prog, n);
802 goto finished;
803 }
804 }
805
806 DEC_CT_DBG(buf, n);
807
808 if (msrc4_sc && n == 12) {
809 ; /* send it as is */
810 } else {
811 /* extract them to their buffers: */
812 memcpy(salt, buf, salt_size);
813 memcpy(ivec, buf+salt_size, ivec_size);
814
815 /* the rest is some encrypted data: */
816 n = n - salt_size - ivec_size;
817 psrc = buf + salt_size + ivec_size;
818
819 if (n > 0) {
820 /*
821 * copy it down to the start of buf for
822 * sending below:
823 */
824 for (i=0; i < n; i++) {
825 buf[i] = psrc[i];
826 }
827 }
828 }
829 }
830
831 /* debug output */
832 PRINT_KEYDATA;
833 PRINT_IVEC;
834
835 if (!strcmp(cipher, "msrc4")) {
836 /* special cases for MSRC4: */
837
838 if (whoops) {
839 fprintf(stderr, "%s: %s - WARNING: MSRC4 mode and IGNORING random salt\n", prog, encstr);
840 fprintf(stderr, "%s: %s - WARNING: and initialization vector!!\n", prog, encstr);
841 EVP_CIPHER_CTX_init(ctx);
842 if (pw_in) {
843 /* for pw=xxxx a md5 hash is used */
844 EVP_BytesToKey(Cipher, Digest, NULL, (unsigned char *) keydata,
845 keydata_len, 1, keystr, NULL);
846 EVP_CipherInit_ex(ctx, Cipher, NULL, keystr, NULL,
847 encrypt);
848 } else {
849 /* otherwise keydata as is */
850 EVP_CipherInit_ex(ctx, Cipher, NULL,
851 (unsigned char *) keydata, NULL, encrypt);
852 }
853 } else {
854 /* XXX might not be correct, just exit. */
855 fprintf(stderr, "%s: %s - Not sure about msrc4 && !whoops case, exiting.\n", prog, encstr);
856 exit(1);
857
858 EVP_BytesToKey(Cipher, Digest, NULL, (unsigned char *) keydata,
859 keydata_len, 1, keystr, ivec);
860 EVP_CIPHER_CTX_init(ctx);
861 EVP_CipherInit_ex(ctx, Cipher, NULL, keystr, ivec,
862 encrypt);
863 }
864
865 } else {
866 unsigned char *in_salt = NULL;
867
868 /* check salt and IV source and size. */
869 if (securevnc) {
870 in_salt = NULL;
871 } else if (salt_size <= 0) {
872 /* let salt_size = 0 mean keep it out of the MD5 */
873 fprintf(stderr, "%s: %s - WARNING: no salt\n",
874 prog, encstr);
875 in_salt = NULL;
876 } else {
877 in_salt = salt;
878 }
879
880 if (ivec_size < Cipher->iv_len && !securevnc) {
881 fprintf(stderr, "%s: %s - WARNING: short IV %d < %d\n",
882 prog, encstr, ivec_size, Cipher->iv_len);
883 }
884
885 /* make the hashed value and place in keystr */
886
887 /*
888 * XXX N.B.: DSM plugin had count=0, and overwrote ivec
889 * by not passing NULL iv.
890 */
891
892 if (nomd) {
893 /* special mode: no salt or md5, use keydata directly */
894
895 int sz = keydata_len < EVP_MAX_KEY_LENGTH ?
896 keydata_len : EVP_MAX_KEY_LENGTH;
897
898 fprintf(stderr, "%s: %s - WARNING: no-md5 specified: ignoring salt & hash\n", prog, encstr);
899 memcpy(keystr, keydata, sz);
900
901 } else if (noultra && ivec_size > 0) {
902 /* "normal" mode, don't overwrite ivec. */
903
904 EVP_BytesToKey(Cipher, Digest, in_salt, (unsigned char *) keydata,
905 keydata_len, 1, keystr, NULL);
906
907 } else {
908 /*
909 * Ultra DSM compatibility mode. Note that this
910 * clobbers the ivec we set up above! Under
911 * noultra we overwrite ivec only if ivec_size=0.
912 *
913 * SecureVNC also goes through here. in_salt and ivec are NULL.
914 * And ivec is NULL below in the EVP_CipherInit_ex() call.
915 */
916 EVP_BytesToKey(Cipher, Digest, in_salt, (unsigned char *) keydata,
917 keydata_len, 1, keystr, ivec);
918 }
919
920
921 /* initialize the context */
922 EVP_CIPHER_CTX_init(ctx);
923
924
925 /* set the cipher & initialize */
926
927 /*
928 * XXX N.B.: DSM plugin implementation had encrypt=1
929 * for both (i.e. perfectly symmetric)
930 */
931
932 EVP_CipherInit_ex(ctx, Cipher, NULL, keystr, ivec, encrypt);
933 }
934
935 if (securevnc && securevnc_arc4) {
936 /* need to discard initial 3072 bytes */
937 unsigned char buf1[SECUREVNC_RC4_DROP_BYTES];
938 unsigned char buf2[SECUREVNC_RC4_DROP_BYTES];
939 int cnt = 0;
940 EVP_CipherUpdate(ctx, buf1, &cnt, buf2, SECUREVNC_RC4_DROP_BYTES);
941 }
942
943 /* debug output */
944 PRINT_KEYSTR_AND_FRIENDS;
945
946 /* now loop forever processing the data stream */
947
948 while (1) {
949 errno = 0;
950 if (first && n > 0) {
951 if (encrypt && msrc4_sc) {
952 /* skip sending salt+iv */
953 first = 0;
954 continue;
955 } else {
956 /* use that first block of data placed in buf */
957 }
958 } else if (first && n == 0 && salt_size + ivec_size == 0) {
959 first = 0;
960 continue;
961 } else {
962 /* general case of loop, read some in: */
963 n = read(sock_fr, buf, BSIZE);
964 }
965
966 /* debug output: */
967 if (vb) fprintf(stderr, "%s%d/%d ", encsym, n, errno);
968 PRINT_LOOP_DBG1;
969
970 if (n == 0 || (n < 0 && errno != EINTR)) {
971 /* failure to read any data, it is EOF or fatal error */
972 int err = errno;
973
974 /* debug output: */
975 PRINT_LOOP_DBG2;
976 fprintf(stderr, "%s: %s - input stream finished: n=%d, err=%d", prog, encstr, n, err);
977
978 /* EOF or fatal error */
979 break;
980
981 } else if (n > 0) {
982 /* we read in some data, now transform it: */
983
984 if (first && encrypt) {
985 /* first time, copy the salt and ivec to out[] for sending */
986 memcpy(out, buf, n);
987 cnt = n;
988
989 } else if (!EVP_CipherUpdate(ctx, out, &cnt, buf, n)) {
990 /* otherwise, we transform the data */
991 fprintf(stderr, "%s: enc_xfer EVP_CipherUpdate failed.\n", prog);
992 break;
993 }
994
995 /* debug output: */
996 if (vb) fprintf(stderr, "%sc%d/%d ", encsym, cnt, n);
997 PRINT_LOOP_DBG3;
998
999 /* write transformed data to the other end: */
1000 len = cnt;
1001 psrc = out;
1002 while (len > 0) {
1003 errno = 0;
1004 m = write(sock_to, psrc, len);
1005
1006 /* debug output: */
1007 if (vb) fprintf(stderr, "m%s%d/%d ", encsym, m, errno);
1008
1009 if (m > 0) {
1010 /* scoot them by how much was written: */
1011 psrc += m;
1012 len -= m;
1013 }
1014 if (m < 0 && (errno == EINTR || errno == EAGAIN)) {
1015 /* interrupted or blocked */
1016 continue;
1017 }
1018 /* EOF or fatal error */
1019 break;
1020 }
1021 } else {
1022 /* this is EINTR */
1023 }
1024 first = 0;
1025 }
1026
1027 /* transfer done (viewer exited or some error) */
1028 finished:
1029
1030 fprintf(stderr, "\n%s: %s - close sock_to\n", prog, encstr);
1031 close(sock_to);
1032
1033 fprintf(stderr, "%s: %s - close sock_fr\n", prog, encstr);
1034 close(sock_fr);
1035
1036 /* kill our partner after 2 secs. */
1037 sleep(2);
1038 if (child) {
1039 if (kill(child, SIGTERM) == 0) {
1040 fprintf(stderr, "%s[%d]: %s - killed my partner: %d\n",
1041 prog, (int) getpid(), encstr, (int) child);
1042 }
1043 } else {
1044 if (kill(parent, SIGTERM) == 0) {
1045 fprintf(stderr, "%s[%d]: %s - killed my partner: %d\n",
1046 prog, (int) getpid(), encstr, (int) parent);
1047 }
1048 }
1049 }
1050
securevnc_server_rsa_save_dialog(char * file,char * md5str,unsigned char * rsabuf)1051 static int securevnc_server_rsa_save_dialog(char *file, char *md5str, unsigned char* rsabuf) {
1052 /* since we are likely running in the background, use this kludge by running tk */
1053 FILE *p;
1054 char str[2], *q = file, *cmd = getenv("WISH") ? getenv("WISH") : "wish";
1055 int rc;
1056
1057 memset(str, 0, sizeof(str));
1058
1059 p = popen(cmd, "w");
1060 if (p == NULL) {
1061 fprintf(stderr, "checkserver_rsa: could not run: %s\n", cmd);
1062 return 0;
1063 }
1064
1065 /* start piping tk/tcl code to it: */
1066 fprintf(p, "wm withdraw .\n");
1067 fprintf(p, "set x [expr [winfo screenwidth .]/2]\n");
1068 fprintf(p, "set y [expr [winfo screenheight .]/2]\n");
1069 fprintf(p, "wm geometry . +$x+$y; update\n");
1070 fprintf(p, "catch {option add *Dialog.msg.font {helvetica -14 bold}}\n");
1071 fprintf(p, "catch {option add *Dialog.msg.wrapLength 6i}\n");
1072 fprintf(p, "set ans [tk_messageBox -title \"Save and Trust UltraVNC RSA Key?\" -icon question ");
1073 fprintf(p, "-type yesno -message \"Save and Trust UltraVNC SecureVNCPlugin RSA Key\\n\\n");
1074 fprintf(p, "With MD5 sum: %s\\n\\n", md5str);
1075 fprintf(p, "In file: ");
1076 while (*q != '\0') {
1077 /* sanitize user supplied string: */
1078 str[0] = *q;
1079 if (strpbrk(str, "[](){}`'\"$&*|<>") == NULL) {
1080 fprintf(p, "%s", str);
1081 }
1082 q++;
1083 }
1084 fprintf(p, " ?\"]\n");
1085 fprintf(p, "if { $ans == \"yes\" } {destroy .; exit 0} else {destroy .; exit 1}\n");
1086 rc = pclose(p);
1087 if (rc == 0) {
1088 fprintf(stderr, "checkserver_rsa: query returned: %d. saving it.\n", rc);
1089 p = fopen(file, "w");
1090 if (p == NULL) {
1091 fprintf(stderr, "checkserver_rsa: could not open %s\n", file);
1092 return 0;
1093 }
1094 write(fileno(p), rsabuf, SECUREVNC_RSA_PUBKEY_SIZE);
1095 fclose(p);
1096 return 2;
1097 } else {
1098 fprintf(stderr, "checkserver_rsa: query returned: %d. NOT saving it.\n", rc);
1099 return -1;
1100 }
1101 }
1102
rsa_md5_sum(unsigned char * rsabuf)1103 static char *rsa_md5_sum(unsigned char* rsabuf) {
1104 EVP_MD_CTX md;
1105 char digest[EVP_MAX_MD_SIZE], tmp[16];
1106 char md5str[EVP_MAX_MD_SIZE * 8];
1107 unsigned int i, size = 0;
1108
1109 EVP_DigestInit(&md, EVP_md5());
1110 EVP_DigestUpdate(&md, rsabuf, SECUREVNC_RSA_PUBKEY_SIZE);
1111 EVP_DigestFinal(&md, (unsigned char *)digest, &size);
1112
1113 memset(md5str, 0, sizeof(md5str));
1114 for (i=0; i < size; i++) {
1115 unsigned char uc = (unsigned char) digest[i];
1116 sprintf(tmp, "%02x", (int) uc);
1117 strcat(md5str, tmp);
1118 }
1119 return strdup(md5str);
1120 }
1121
securevnc_check_server_rsa(char * file,unsigned char * rsabuf)1122 static int securevnc_check_server_rsa(char *file, unsigned char *rsabuf) {
1123 struct stat sb;
1124 unsigned char filebuf[SECUREVNC_RSA_PUBKEY_SIZE];
1125 char *md5str = rsa_md5_sum(rsabuf);
1126
1127 if (!file) {
1128 return 0;
1129 }
1130
1131 memset(filebuf, 0, sizeof(filebuf));
1132 if (stat(file, &sb) == 0) {
1133 int n, fd, i, ok = 1;
1134
1135 if (sb.st_size != SECUREVNC_RSA_PUBKEY_SIZE) {
1136 fprintf(stderr, "checkserver_rsa: file is wrong size: %d != %d '%s'\n",
1137 (int) sb.st_size, SECUREVNC_RSA_PUBKEY_SIZE, file);
1138 return 0;
1139 }
1140
1141 fd = open(file, O_RDONLY);
1142 if (fd < 0) {
1143 fprintf(stderr, "checkserver_rsa: could not open: '%s'\n", file);
1144 return 0;
1145 }
1146
1147 n = (int) read(fd, filebuf, SECUREVNC_RSA_PUBKEY_SIZE);
1148 close(fd);
1149 if (n != SECUREVNC_RSA_PUBKEY_SIZE) {
1150 fprintf(stderr, "checkserver_rsa: could not read all of file: %d != %d '%s'\n",
1151 n, SECUREVNC_RSA_PUBKEY_SIZE, file);
1152 return 0;
1153 }
1154
1155 for (i=0; i < SECUREVNC_RSA_PUBKEY_SIZE; i++) {
1156 if (filebuf[i] != rsabuf[i]) {
1157 ok = 0;
1158 }
1159 }
1160 if (!ok) {
1161 char *str1 = rsa_md5_sum(rsabuf);
1162 char *str2 = rsa_md5_sum(filebuf);
1163 fprintf(stderr, "checkserver_rsa: rsa keystore contents differ for '%s'\n", file);
1164 fprintf(stderr, "checkserver_rsa: MD5 sum of server key: %s\n", str1);
1165 fprintf(stderr, "checkserver_rsa: MD5 sum of keystore: %s\n", str2);
1166 }
1167 return ok;
1168 } else {
1169
1170 fprintf(stderr, "checkserver_rsa: rsa keystore file does not exist: '%s'\n", file);
1171 fprintf(stderr, "checkserver_rsa: asking user if we should store rsa key in it.\n\n");
1172 fprintf(stderr, "checkserver_rsa: RSA key has MD5 sum: %s\n\n", md5str);
1173
1174 return securevnc_server_rsa_save_dialog(file, md5str, rsabuf);
1175 }
1176 }
1177
load_client_auth(char * file)1178 static RSA *load_client_auth(char *file) {
1179 struct stat sb;
1180 int fd, n;
1181 char *contents;
1182 RSA *rsa;
1183
1184 if (!file) {
1185 return NULL;
1186 }
1187 if (stat(file, &sb) != 0) {
1188 return NULL;
1189 }
1190
1191 fd = open(file, O_RDONLY);
1192 if (fd < 0) {
1193 fprintf(stderr, "load_client_auth: could not open: '%s'\n", file);
1194 return NULL;
1195 }
1196
1197 contents = (char *) malloc(sb.st_size);
1198 n = (int) read(fd, contents, sb.st_size);
1199 close(fd);
1200
1201 if (n != sb.st_size) {
1202 fprintf(stderr, "load_client_auth: could not read all of: '%s'\n", file);
1203 free(contents);
1204 return NULL;
1205 }
1206
1207 rsa = d2i_RSAPrivateKey(NULL, (const unsigned char **) ((void *) &contents), sb.st_size);
1208 if (!rsa) {
1209 fprintf(stderr, "load_client_auth: d2i_RSAPrivateKey failed for: '%s'\n", file);
1210 return NULL;
1211 }
1212
1213 if (RSA_check_key(rsa) != 1) {
1214 fprintf(stderr, "load_client_auth: rsa key invalid: '%s'\n", file);
1215 return NULL;
1216 }
1217
1218 return rsa;
1219 }
1220
sslexit(char * msg)1221 static void sslexit(char *msg) {
1222 fprintf(stderr, "%s: %s\n", msg, ERR_error_string(ERR_get_error(), NULL));
1223 exit(1);
1224 }
1225
securevnc_setup(int conn1,int conn2)1226 static void securevnc_setup(int conn1, int conn2) {
1227 RSA *rsa = NULL;
1228 EVP_CIPHER_CTX init_ctx;
1229 unsigned char keystr[EVP_MAX_KEY_LENGTH];
1230 unsigned char *rsabuf, *rsasav;
1231 unsigned char *encrypted_keybuf;
1232 unsigned char *initkey;
1233 unsigned int server_flags = 0;
1234 unsigned char one = 1, zero = 0, sig = 16;
1235 unsigned char b1, b2, b3, b4;
1236 unsigned char buf[BSIZE], to_viewer[BSIZE];
1237 int to_viewer_len = 0;
1238 int n = 0, len, rc;
1239 int server = reverse ? conn1 : conn2;
1240 int viewer = reverse ? conn2 : conn1;
1241 char *client_auth = NULL;
1242 int client_auth_req = 0;
1243 int keystore_verified = 0;
1244
1245 ERR_load_crypto_strings();
1246
1247 /* alloc and read from server the 270 comprising the rsa public key: */
1248 rsabuf = (unsigned char *) calloc(SECUREVNC_RSA_PUBKEY_SIZE, 1);
1249 rsasav = (unsigned char *) calloc(SECUREVNC_RSA_PUBKEY_SIZE, 1);
1250 len = 0;
1251 while (len < SECUREVNC_RSA_PUBKEY_SIZE) {
1252 n = read(server, rsabuf + len, SECUREVNC_RSA_PUBKEY_SIZE - len);
1253 if (n == 0 || (n < 0 && errno != EINTR)) {
1254 fprintf(stderr, "securevnc_setup: fail read rsabuf: n=%d len=%d\n", n, len);
1255 exit(1);
1256 }
1257 len += n;
1258 }
1259 if (len != SECUREVNC_RSA_PUBKEY_SIZE) {
1260 fprintf(stderr, "securevnc_setup: fail final read rsabuf: n=%d len=%d\n", n, len);
1261 exit(1);
1262 }
1263 fprintf(stderr, "securevnc_setup: rsa data read len: %d\n", len);
1264 memcpy(rsasav, rsabuf, SECUREVNC_RSA_PUBKEY_SIZE);
1265
1266 fprintf(stderr, "securevnc_setup: RSA key has MD5 sum: %s\n", rsa_md5_sum(rsabuf));
1267 fprintf(stderr, "securevnc_setup:\n");
1268 fprintf(stderr, "securevnc_setup: One way to print out the SecureVNC Server key MD5 sum is:\n\n");
1269 fprintf(stderr, "openssl rsa -inform DER -outform DER -pubout -in ./Server_SecureVNC.pkey | dd bs=1 skip=24 | md5sum\n\n");
1270 if (securevnc_file == NULL) {
1271 fprintf(stderr, "securevnc_setup:\n");
1272 fprintf(stderr, "securevnc_setup: ** WARNING: ULTRAVNC SERVER RSA KEY NOT VERIFIED. **\n");
1273 fprintf(stderr, "securevnc_setup: ** WARNING: A MAN-IN-THE-MIDDLE ATTACK IS POSSIBLE. **\n");
1274 fprintf(stderr, "securevnc_setup:\n");
1275 } else {
1276 char *q = strrchr(securevnc_file, 'C');
1277 int skip = 0;
1278 if (q) {
1279 if (!strcmp(q, "ClientAuth.pkey")) {
1280 client_auth = strdup(securevnc_file);
1281 skip = 1;
1282 } else if (!strcmp(q, "ClientAuth.pkey.rsa")) {
1283 client_auth = strdup(securevnc_file);
1284 q = strrchr(client_auth, '.');
1285 *q = '\0';
1286 }
1287 }
1288 if (!skip) {
1289 rc = securevnc_check_server_rsa(securevnc_file, rsabuf);
1290 }
1291 if (skip) {
1292 ;
1293 } else if (rc == 0) {
1294 fprintf(stderr, "securevnc_setup:\n");
1295 fprintf(stderr, "securevnc_setup: VERIFY_ERROR: SERVER RSA KEY DID NOT MATCH:\n");
1296 fprintf(stderr, "securevnc_setup: %s\n", securevnc_file);
1297 fprintf(stderr, "securevnc_setup:\n");
1298 exit(1);
1299 } else if (rc == -1) {
1300 fprintf(stderr, "securevnc_setup: User cancelled the save and hence the connection.\n");
1301 fprintf(stderr, "securevnc_setup: %s\n", securevnc_file);
1302 exit(1);
1303 } else if (rc == 1) {
1304 fprintf(stderr, "securevnc_setup: VERIFY SUCCESS: server rsa key matches the contents of:\n");
1305 fprintf(stderr, "securevnc_setup: %s\n", securevnc_file);
1306 keystore_verified = 1;
1307 } else if (rc == 2) {
1308 fprintf(stderr, "securevnc_setup: Server rsa key stored in:\n");
1309 fprintf(stderr, "securevnc_setup: %s\n", securevnc_file);
1310 keystore_verified = 2;
1311 }
1312 }
1313
1314 /*
1315 * read in the server flags. Note that SecureVNCPlugin sends these
1316 * in little endian and not network order!!
1317 */
1318 read(server, (char *) &b1, 1);
1319 read(server, (char *) &b2, 1);
1320 read(server, (char *) &b3, 1);
1321 read(server, (char *) &b4, 1);
1322
1323 server_flags = 0;
1324 server_flags |= ((unsigned int) b4) << 24;
1325 server_flags |= ((unsigned int) b3) << 16;
1326 server_flags |= ((unsigned int) b2) << 8;
1327 server_flags |= ((unsigned int) b1) << 0;
1328 fprintf(stderr, "securevnc_setup: server_flags: 0x%08x\n", server_flags);
1329
1330 /* check for arc4 usage: */
1331 if (server_flags & 0x1) {
1332 fprintf(stderr, "securevnc_setup: server uses AES cipher.\n");
1333 } else {
1334 fprintf(stderr, "securevnc_setup: server uses ARC4 cipher.\n");
1335 securevnc_arc4 = 1;
1336 Cipher = EVP_rc4();
1337 }
1338
1339 /* check for client auth signature requirement: */
1340 if (server_flags & (sig << 24)) {
1341 fprintf(stderr, "securevnc_setup: server requires Client Auth signature.\n");
1342 client_auth_req = 1;
1343 if (!client_auth) {
1344 fprintf(stderr, "securevnc_setup: However, NO *ClientAuth.pkey keyfile was supplied on our\n");
1345 fprintf(stderr, "securevnc_setup: command line. Exiting.\n");
1346 exit(1);
1347 }
1348 }
1349
1350 /*
1351 * The first packet 'RFB 003.006' is obscured with key
1352 * that is a sha1 hash of public key. So make this tmp key now:
1353 *
1354 */
1355 initkey = (unsigned char *) calloc(SECUREVNC_KEY_SIZE, 1);
1356 EVP_BytesToKey(EVP_rc4(), EVP_sha1(), NULL, rsabuf, SECUREVNC_RSA_PUBKEY_SIZE, 1, initkey, NULL);
1357
1358 /* expand the transported rsabuf into an rsa object */
1359 rsa = d2i_RSAPublicKey(NULL, (const unsigned char **) &rsabuf, SECUREVNC_RSA_PUBKEY_SIZE);
1360 if (rsa == NULL) {
1361 sslexit("securevnc_setup: failed to create rsa");
1362 }
1363
1364 /*
1365 * Back to the work involving the tmp obscuring key:
1366 */
1367 EVP_CIPHER_CTX_init(&init_ctx);
1368 rc = EVP_CipherInit_ex(&init_ctx, EVP_rc4(), NULL, initkey, NULL, 1);
1369 if (rc == 0) {
1370 sslexit("securevnc_setup: EVP_CipherInit_ex(init_ctx) failed");
1371 }
1372
1373 /* for the first obscured packet, read what we can... */
1374 n = read(server, (char *) buf, BSIZE);
1375 fprintf(stderr, "securevnc_setup: data read: %d\n", n);
1376 if (n < 0) {
1377 exit(1);
1378 }
1379 fprintf(stderr, "securevnc_setup: initial data[%d]: ", n);
1380
1381 /* decode with the tmp key */
1382 if (n > 0) {
1383 memset(to_viewer, 0, sizeof(to_viewer));
1384 if (EVP_CipherUpdate(&init_ctx, to_viewer, &len, buf, n) == 0) {
1385 sslexit("securevnc_setup: EVP_CipherUpdate(init_ctx) failed");
1386 exit(1);
1387 }
1388 to_viewer_len = len;
1389 }
1390 EVP_CIPHER_CTX_cleanup(&init_ctx);
1391 free(initkey);
1392
1393 /* print what we would send to the viewer (sent below): */
1394 write(2, to_viewer, 12); /* and first 12 bytes 'RFB ...' as message */
1395
1396 /* now create the random session key: */
1397 encrypted_keybuf = (unsigned char*) calloc(RSA_size(rsa), 1);
1398
1399 fprintf(stderr, "securevnc_setup: creating random session key: %d/%d\n",
1400 SECUREVNC_KEY_SIZE, SECUREVNC_RAND_KEY_SOURCE);
1401 keydata_len = SECUREVNC_RAND_KEY_SOURCE;
1402
1403 rc = RAND_bytes((unsigned char *)keydata, SECUREVNC_RAND_KEY_SOURCE);
1404 if (rc <= 0) {
1405 fprintf(stderr, "securevnc_setup: RAND_bytes() failed: %s\n", ERR_error_string(ERR_get_error(), NULL));
1406 rc = RAND_pseudo_bytes((unsigned char *)keydata, SECUREVNC_RAND_KEY_SOURCE);
1407 fprintf(stderr, "securevnc_setup: RAND_pseudo_bytes() rc=%d\n", rc);
1408 if (getenv("RANDSTR")) {
1409 char *s = getenv("RANDSTR");
1410 fprintf(stderr, "securevnc_setup: seeding with RANDSTR len=%d\n", strlen(s));
1411 RAND_add(s, strlen(s), strlen(s));
1412 }
1413 }
1414
1415 /* N.B. this will be repeated in enc_xfer() setup. */
1416 EVP_BytesToKey(Cipher, Digest, NULL, (unsigned char *) keydata, keydata_len, 1, keystr, NULL);
1417
1418 /* encrypt the session key with the server's public rsa key: */
1419 n = RSA_public_encrypt(SECUREVNC_KEY_SIZE, keystr, encrypted_keybuf, rsa, RSA_PKCS1_PADDING);
1420 if (n == -1) {
1421 sslexit("securevnc_setup: RSA_public_encrypt() failed");
1422 exit(1);
1423 }
1424 fprintf(stderr, "securevnc_setup: encrypted session key size: %d. sending to server.\n", n);
1425
1426 /* send it to the server: */
1427 write(server, encrypted_keybuf, n);
1428 free(encrypted_keybuf);
1429
1430 /*
1431 * Reply back with flags indicating cipher (same as one sent to
1432 * us) and we do not want client-side auth.
1433 *
1434 * We send it out on the wire in little endian order:
1435 */
1436 if (securevnc_arc4) {
1437 write(server, (char *)&zero, 1);
1438 } else {
1439 write(server, (char *)&one, 1);
1440 }
1441 write(server, (char *)&zero, 1);
1442 write(server, (char *)&zero, 1);
1443 if (client_auth_req) {
1444 write(server, (char *)&sig, 1);
1445 } else {
1446 write(server, (char *)&zero, 1);
1447 }
1448
1449 if (client_auth_req && client_auth) {
1450 RSA *client_rsa = load_client_auth(client_auth);
1451 EVP_MD_CTX dctx;
1452 unsigned char digest[EVP_MAX_MD_SIZE], *signature;
1453 unsigned int ndig = 0, nsig = 0;
1454
1455 if (0) {
1456 /* for testing only, use the wrong RSA key: */
1457 client_rsa = RSA_generate_key(2048, 0x10001, NULL, NULL);
1458 }
1459
1460 if (client_rsa == NULL) {
1461 fprintf(stderr, "securevnc_setup: problem reading rsa key from '%s'\n", client_auth);
1462 exit(1);
1463 }
1464
1465 EVP_DigestInit(&dctx, EVP_sha1());
1466 EVP_DigestUpdate(&dctx, keystr, SECUREVNC_KEY_SIZE);
1467 /*
1468 * Without something like the following MITM is still possible.
1469 * This is because the MITM knows keystr and can use it with
1470 * the server connection as well, and then he just forwards our
1471 * signed digest. The additional information below would be the
1472 * MITM's rsa public key, and so the real VNC server will notice
1473 * the difference. And MITM can't sign keystr+server_rsa.pub since
1474 * he doesn't have Viewer_ClientAuth.pkey.
1475 */
1476 if (0) {
1477 EVP_DigestUpdate(&dctx, rsasav, SECUREVNC_RSA_PUBKEY_SIZE);
1478 if (!keystore_verified) {
1479 fprintf(stderr, "securevnc_setup:\n");
1480 fprintf(stderr, "securevnc_setup: Warning: even *WITH* Client Authentication in SecureVNC,\n");
1481 fprintf(stderr, "securevnc_setup: an attacker may be able to trick you into connecting to his\n");
1482 fprintf(stderr, "securevnc_setup: fake VNC server and supplying VNC or Windows passwords, etc.\n");
1483 fprintf(stderr, "securevnc_setup: To increase security manually verify the Server RSA key's MD5\n");
1484 fprintf(stderr, "securevnc_setup: checksum and then have SSVNC save the key in its keystore to\n");
1485 fprintf(stderr, "securevnc_setup: be used to verify the server in subsequent connections.\n");
1486 fprintf(stderr, "securevnc_setup:\n");
1487 }
1488 } else {
1489 if (!keystore_verified) {
1490 fprintf(stderr, "securevnc_setup:\n");
1491 fprintf(stderr, "securevnc_setup: WARNING: THE FIRST VERSION OF THE SECUREVNC PROTOCOL IS\n");
1492 fprintf(stderr, "securevnc_setup: WARNING: BEING USED. *EVEN* WITH CLIENT AUTHENTICATION IT\n");
1493 fprintf(stderr, "securevnc_setup: WARNING: IS SUSCEPTIBLE TO A MAN-IN-THE-MIDDLE ATTACK.\n");
1494 fprintf(stderr, "securevnc_setup: To increase security manually verify the Server RSA key's MD5\n");
1495 fprintf(stderr, "securevnc_setup: checksum and then have SSVNC save the key in its keystore to\n");
1496 fprintf(stderr, "securevnc_setup: be used to verify the server in subsequent connections.\n");
1497 fprintf(stderr, "securevnc_setup:\n");
1498 }
1499 }
1500 EVP_DigestFinal(&dctx, (unsigned char *)digest, &ndig);
1501
1502 signature = (unsigned char *) calloc(RSA_size(client_rsa), 1);
1503 RSA_sign(NID_sha1, digest, ndig, signature, &nsig, client_rsa);
1504
1505 fprintf(stderr, "securevnc_setup: sending ClientAuth.pkey signed data: %d\n", nsig);
1506 write(server, signature, nsig);
1507 free(signature);
1508
1509 RSA_free(client_rsa);
1510 }
1511
1512 fprintf(stderr, "securevnc_setup: done.\n");
1513
1514 /* now send the 'RFB ...' to the viewer */
1515 if (to_viewer_len > 0) {
1516 write(viewer, to_viewer, to_viewer_len);
1517 }
1518 }
1519
1520 #ifndef ENC_DISABLE_SHOW_CERT
enc_sslerrexit(void)1521 static void enc_sslerrexit(void) {
1522 unsigned long err = ERR_get_error();
1523
1524 if (err) {
1525 char str[256];
1526 ERR_error_string(err, str);
1527 fprintf(stdout, "ssl error: %s\n", str);
1528 }
1529 exit(1);
1530 }
1531 #endif
1532
show_cert(int sock)1533 static void show_cert(int sock) {
1534 #ifndef ENC_DISABLE_SHOW_CERT
1535 SSL_CTX *ctx;
1536 SSL *ssl = NULL;
1537 STACK_OF(X509) *sk = NULL;
1538 X509 *peer = NULL;
1539 SSL_CIPHER *c;
1540 BIO *bio;
1541 unsigned char *sid = (unsigned char *) "ultravnc_dsm_helper SID";
1542 long mode;
1543 int i;
1544
1545 fprintf(stdout, "CONNECTED(%08X)\n",sock);
1546
1547 SSL_library_init();
1548 SSL_load_error_strings();
1549
1550 if (!RAND_status()) {
1551 RAND_poll();
1552 }
1553 /* this is not for a secured connection. */
1554 for (i=0; i < 100; i++) {
1555 if (!RAND_status()) {
1556 char tmp[32];
1557 sprintf(tmp, "%d", getpid() * (17 + i));
1558 RAND_add(tmp, strlen(tmp), 5);
1559 } else {
1560 break;
1561 }
1562 }
1563
1564 ctx = SSL_CTX_new( SSLv23_client_method() );
1565 if (ctx == NULL) {
1566 fprintf(stdout, "show_cert: SSL_CTX_new failed.\n");
1567 close(sock);
1568 enc_sslerrexit();
1569 }
1570
1571 mode = 0;
1572 mode |= SSL_MODE_ENABLE_PARTIAL_WRITE;
1573 mode |= SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER;
1574 SSL_CTX_set_mode(ctx, mode);
1575
1576 if (getenv("ULTRAVNC_DSM_HELPER_SHOWCERT_ADH")) {
1577 SSL_CTX_set_cipher_list(ctx, "ADH:@STRENGTH");
1578 SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL);
1579 }
1580
1581 ssl = SSL_new(ctx);
1582
1583 if (ssl == NULL) {
1584 fprintf(stdout, "show_cert: SSL_new failed.\n");
1585 close(sock);
1586 enc_sslerrexit();
1587 }
1588
1589 SSL_set_session_id_context(ssl, sid, strlen((char *)sid));
1590
1591 if (! SSL_set_fd(ssl, sock)) {
1592 fprintf(stdout, "show_cert: SSL_set_fd failed.\n");
1593 close(sock);
1594 enc_sslerrexit();
1595 }
1596
1597 SSL_set_connect_state(ssl);
1598
1599 if (SSL_connect(ssl) <= 0) {
1600 unsigned long err = ERR_get_error();
1601 fprintf(stdout, "show_cert: SSL_connect failed.\n");
1602 if (err) {
1603 char str[256];
1604 ERR_error_string(err, str);
1605 fprintf(stdout, "ssl error: %s\n", str);
1606 }
1607 }
1608
1609 SSL_get_verify_result(ssl);
1610
1611 sk = SSL_get_peer_cert_chain(ssl);
1612 if (sk != NULL) {
1613 fprintf(stdout, "---\nCertificate chain\n");
1614 for (i=0; i < sk_X509_num(sk); i++) {
1615 char buf[2048];
1616 X509_NAME_oneline(X509_get_subject_name(sk_X509_value(sk,i)), buf, sizeof buf);
1617 fprintf(stdout, "%2d s:%s\n", i, buf);
1618 X509_NAME_oneline(X509_get_issuer_name(sk_X509_value(sk,i)), buf, sizeof buf);
1619 fprintf(stdout, " i:%s\n", buf);
1620 }
1621 } else {
1622 fprintf(stdout, "show_cert: SSL_get_peer_cert_chain failed.\n");
1623 }
1624 fprintf(stdout, "---\n");
1625 peer = SSL_get_peer_certificate(ssl);
1626 bio = BIO_new_fp(stdout, BIO_NOCLOSE);
1627 if (peer != NULL) {
1628 char buf[2048];
1629 BIO_printf(bio,"Server certificate\n");
1630 PEM_write_bio_X509(bio, peer);
1631
1632 X509_NAME_oneline(X509_get_subject_name(peer), buf, sizeof buf);
1633 BIO_printf(bio,"subject=%s\n",buf);
1634 X509_NAME_oneline(X509_get_issuer_name(peer), buf, sizeof buf);
1635 BIO_printf(bio,"issuer=%s\n",buf);
1636 } else {
1637 fprintf(stdout, "show_cert: SSL_get_peer_certificate failed.\n");
1638 }
1639
1640 c = SSL_get_current_cipher(ssl);
1641 BIO_printf(bio,"---\nNew, %s, Cipher is %s\n", SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c));
1642
1643 if (peer != NULL) {
1644 EVP_PKEY *pktmp;
1645 pktmp = X509_get_pubkey(peer);
1646 BIO_printf(bio,"Server public key is %d bit\n", EVP_PKEY_bits(pktmp));
1647 EVP_PKEY_free(pktmp);
1648 }
1649 BIO_printf(bio,"---\nDONE\n---\n");
1650
1651 fflush(stdout);
1652
1653 #endif
1654 close(sock);
1655 exit(0);
1656 }
1657
1658 #ifndef SOL_IPV6
1659 #ifdef IPPROTO_IPV6
1660 #define SOL_IPV6 IPPROTO_IPV6
1661 #endif
1662 #endif
1663
1664 /*
1665 * Listens on incoming port for a client, then connects to remote server.
1666 * Then forks into two processes one is the encrypter the other the
1667 * decrypter.
1668 */
enc_connections(int listen_port,char * connect_host,int connect_port)1669 static void enc_connections(int listen_port, char *connect_host, int connect_port) {
1670 int listen_fd = -1, listen_fd6 = -1, conn1 = -1, conn2 = -1, ret, one = 1;
1671 socklen_t clen;
1672 struct hostent *hp;
1673 struct sockaddr_in client, server;
1674 fd_set fds;
1675 int maxfd = -1;
1676
1677 /* zero means use stdio (preferably from socketpair()) */
1678 if (listen_port == 0) {
1679 conn1 = fileno(stdin);
1680 goto use_stdio;
1681 }
1682
1683 if (!strcmp(cipher, "showcert")) {
1684 goto use_stdio;
1685 }
1686
1687 /* fd=n,m means use the supplied already established sockets */
1688 if (sscanf(connect_host, "fd=%d,%d", &conn1, &conn2) == 2) {
1689 goto use_input_fds;
1690 }
1691
1692 /* create the listening socket: */
1693 memset(&client, 0, sizeof(client));
1694 client.sin_family = AF_INET;
1695 if (listen_port < 0) {
1696 /* negative port means use loopback */
1697 client.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
1698 client.sin_port = htons(-listen_port);
1699 } else {
1700 client.sin_addr.s_addr = htonl(INADDR_ANY);
1701 client.sin_port = htons(listen_port);
1702 }
1703
1704 listen_fd = socket(AF_INET, SOCK_STREAM, 0);
1705 if (listen_fd < 0) {
1706 perror("socket");
1707 goto try6;
1708 }
1709
1710 ret = setsockopt(listen_fd, SOL_SOCKET, SO_REUSEADDR,
1711 (char *)&one, sizeof(one));
1712 if (ret < 0) {
1713 perror("setsockopt");
1714 close(listen_fd);
1715 listen_fd = -1;
1716 goto try6;
1717 }
1718
1719 ret = bind(listen_fd, (struct sockaddr *) &client, sizeof(client));
1720 if (ret < 0) {
1721 perror("bind");
1722 close(listen_fd);
1723 listen_fd = -1;
1724 goto try6;
1725 }
1726
1727 ret = listen(listen_fd, 2);
1728 if (ret < 0) {
1729 perror("listen");
1730 close(listen_fd);
1731 listen_fd = -1;
1732 goto try6;
1733 }
1734
1735 try6:
1736 #ifdef AF_INET6
1737 if (!getenv("ULTRAVNC_DSM_HELPER_NOIPV6")) {
1738 struct sockaddr_in6 sin;
1739 int one = 1, sock = -1;
1740
1741 sock = socket(AF_INET6, SOCK_STREAM, 0);
1742 if (sock < 0) {
1743 perror("socket6");
1744 goto fail;
1745 }
1746
1747 if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (char *)&one, sizeof(one)) < 0) {
1748 perror("setsockopt6 SO_REUSEADDR");
1749 close(sock);
1750 sock = -1;
1751 goto fail;
1752 }
1753
1754 #if defined(SOL_IPV6) && defined(IPV6_V6ONLY)
1755 if (setsockopt(sock, SOL_IPV6, IPV6_V6ONLY, (char *)&one, sizeof(one)) < 0) {
1756 perror("setsockopt6 IPV6_V6ONLY");
1757 close(sock);
1758 sock = -1;
1759 goto fail;
1760 }
1761 #endif
1762
1763 memset((char *)&sin, 0, sizeof(sin));
1764 sin.sin6_family = AF_INET6;
1765
1766 if (listen_port < 0) {
1767 sin.sin6_addr = in6addr_loopback;
1768 sin.sin6_port = htons(-listen_port);
1769 } else {
1770 sin.sin6_addr = in6addr_any;
1771 sin.sin6_port = htons(listen_port);
1772 }
1773
1774 if (bind(sock, (struct sockaddr *) &sin, sizeof(sin)) < 0) {
1775 perror("bind6");
1776 close(sock);
1777 sock = -1;
1778 goto fail;
1779 }
1780
1781 if (listen(sock, 2) < 0) {
1782 perror("listen6");
1783 close(sock);
1784 sock = -1;
1785 goto fail;
1786 }
1787
1788 fail:
1789 listen_fd6 = sock;
1790 }
1791 #endif
1792
1793 if (listen_fd < 0 && listen_fd6 < 0) {
1794 fprintf(stderr, "%s: could not listen on port: %d\n",
1795 prog, listen_port);
1796 exit(1);
1797 }
1798
1799 fprintf(stderr, "%s: waiting for connection on port: %d\n",
1800 prog, listen_port);
1801
1802 /* wait for a connection: */
1803 FD_ZERO(&fds);
1804 if (listen_fd >= 0) {
1805 FD_SET(listen_fd, &fds);
1806 if (listen_fd > maxfd) {
1807 maxfd = listen_fd;
1808 }
1809 }
1810 if (listen_fd6 >= 0) {
1811 FD_SET(listen_fd6, &fds);
1812 if (listen_fd6 > maxfd) {
1813 maxfd = listen_fd6;
1814 }
1815 }
1816 if (select(maxfd+1, &fds, NULL, NULL, NULL) <= 0) {
1817 perror("select");
1818 exit(1);
1819 }
1820
1821 if (FD_ISSET(listen_fd, &fds)) {
1822 clen = sizeof(client);
1823 conn1 = accept(listen_fd, (struct sockaddr *) &client, &clen);
1824 if (conn1 < 0) {
1825 perror("accept");
1826 exit(1);
1827 }
1828 } else if (FD_ISSET(listen_fd6, &fds)) {
1829 #ifdef AF_INET6
1830 struct sockaddr_in6 addr;
1831 socklen_t addrlen = sizeof(addr);
1832
1833 conn1 = accept(listen_fd6, (struct sockaddr *) &addr, &addrlen);
1834 if (conn1 < 0) {
1835 perror("accept6");
1836 exit(1);
1837 }
1838 #else
1839 fprintf(stderr, "No IPv6 / AF_INET6 support.\n");
1840 exit(1);
1841 #endif
1842 }
1843
1844 if (setsockopt(conn1, IPPROTO_TCP, TCP_NODELAY, (char *)&one, sizeof(one)) < 0) {
1845 perror("setsockopt TCP_NODELAY");
1846 exit(1);
1847 }
1848
1849 /* done with the listening socket(s): */
1850 if (listen_fd >= 0) {
1851 close(listen_fd);
1852 }
1853 if (listen_fd6 >= 0) {
1854 close(listen_fd6);
1855 }
1856
1857 if (getenv("ULTRAVNC_DSM_HELPER_BG")) {
1858 int p, n;
1859 if ((p = fork()) > 0) {
1860 fprintf(stderr, "%s: putting child %d in background.\n",
1861 prog, p);
1862 exit(0);
1863 } else if (p == -1) {
1864 fprintf(stderr, "%s: could not fork\n", prog);
1865 perror("fork");
1866 exit(1);
1867 }
1868 if (setsid() == -1) {
1869 fprintf(stderr, "%s: setsid failed\n", prog);
1870 perror("setsid");
1871 exit(1);
1872 }
1873 /* adjust our stdio */
1874 n = open("/dev/null", O_RDONLY);
1875 dup2(n, 0);
1876 dup2(n, 1);
1877 dup2(n, 2);
1878 if (n > 2) {
1879 close(n);
1880 }
1881 }
1882
1883 use_stdio:
1884
1885 fprintf(stderr, "%s: got connection: %d\n", prog, conn1);
1886
1887 /* now connect to remote server: */
1888 memset(&server, 0, sizeof(server));
1889 server.sin_family = AF_INET;
1890 server.sin_port = htons(connect_port);
1891
1892 if ((server.sin_addr.s_addr = inet_addr(connect_host)) == htonl(INADDR_NONE)) {
1893 if (!(hp = gethostbyname(connect_host))) {
1894 perror("gethostbyname");
1895 goto tryconn6;
1896 }
1897 server.sin_addr.s_addr = *(unsigned long *)hp->h_addr;
1898 }
1899
1900 conn2 = socket(AF_INET, SOCK_STREAM, 0);
1901 if (conn2 < 0) {
1902 perror("socket");
1903 goto tryconn6;
1904 }
1905
1906 if (connect(conn2, (struct sockaddr *)&server, (sizeof(server))) < 0) {
1907 perror("connect");
1908 goto tryconn6;
1909 }
1910
1911 tryconn6:
1912 #ifdef AF_INET6
1913 if (conn2 < 0 && !getenv("ULTRAVNC_DSM_HELPER_NOIPV6")) {
1914 int err;
1915 struct addrinfo *ai;
1916 struct addrinfo hints;
1917 char service[32];
1918
1919 fprintf(stderr, "connect[ipv6]: trying to connect via IPv6 to %s\n", connect_host);
1920 conn2 = -1;
1921
1922 memset(&hints, 0, sizeof(hints));
1923 sprintf(service, "%d", connect_port);
1924
1925 hints.ai_family = AF_UNSPEC;
1926 hints.ai_socktype = SOCK_STREAM;
1927 #ifdef AI_ADDRCONFIG
1928 hints.ai_flags |= AI_ADDRCONFIG;
1929 #endif
1930 #ifdef AI_NUMERICSERV
1931 hints.ai_flags |= AI_NUMERICSERV;
1932 #endif
1933
1934 err = getaddrinfo(connect_host, service, &hints, &ai);
1935 if (err != 0) {
1936 fprintf(stderr, "getaddrinfo[%d]: %s\n", err, gai_strerror(err));
1937 } else {
1938 struct addrinfo *ap = ai;
1939 while (ap != NULL) {
1940 int fd = -1;
1941 fd = socket(ap->ai_family, ap->ai_socktype, ap->ai_protocol);
1942 if (fd == -1) {
1943 perror("socket6");
1944 } else {
1945 int dmsg = 0;
1946 int res = connect(fd, ap->ai_addr, ap->ai_addrlen);
1947 #if defined(SOL_IPV6) && defined(IPV6_V6ONLY)
1948 if (res != 0) {
1949 int zero = 0;
1950 perror("connect6");
1951 dmsg = 1;
1952 if (setsockopt(fd, SOL_IPV6, IPV6_V6ONLY, (char *)&zero, sizeof(zero)) == 0) {
1953 fprintf(stderr, "connect[ipv6]: trying again with IPV6_V6ONLY=0\n");
1954 res = connect(fd, ap->ai_addr, ap->ai_addrlen);
1955 dmsg = 0;
1956 }
1957 }
1958 #endif
1959 if (res == 0) {
1960 conn2 = fd;
1961 break;
1962 } else {
1963 if (!dmsg) perror("connect6");
1964 close(fd);
1965 }
1966 }
1967 ap = ap->ai_next;
1968 }
1969 freeaddrinfo(ai);
1970 }
1971 }
1972 #endif
1973 if (conn2 < 0) {
1974 fprintf(stderr, "could not connect to %s\n", connect_host);
1975 exit(1);
1976 }
1977 if (conn2 >= 0 && setsockopt(conn2, IPPROTO_TCP, TCP_NODELAY, (char *)&one, sizeof(one)) < 0) {
1978 perror("setsockopt TCP_NODELAY");
1979 }
1980
1981 use_input_fds:
1982
1983 if (!strcmp(cipher, "showcert")) {
1984 show_cert(conn2);
1985 close(conn2);
1986 exit(0);
1987 }
1988
1989 if (securevnc) {
1990 securevnc_setup(conn1, conn2);
1991 }
1992
1993 /* fork into two processes; one for each direction: */
1994 parent = getpid();
1995
1996 child = fork();
1997
1998 if (child == (pid_t) -1) {
1999 /* couldn't fork... */
2000 perror("fork");
2001 close(conn1);
2002 close(conn2);
2003 exit(1);
2004 }
2005
2006 /* Do transfer/encode/decode loop: */
2007
2008 if (child == 0) {
2009 /* encrypter: local-viewer -> remote-server */
2010 if (!strcmp(cipher, "none") || !strcmp(cipher, "relay")) {
2011 enc_raw_xfer(conn1, conn2);
2012 } else {
2013 enc_xfer(conn1, conn2, 1);
2014 }
2015 } else {
2016 /* decrypter: remote-server -> local-viewer */
2017 if (!strcmp(cipher, "none") || !strcmp(cipher, "relay")) {
2018 enc_raw_xfer(conn2, conn1);
2019 } else {
2020 enc_xfer(conn2, conn1, 0);
2021 }
2022 }
2023 }
2024 #endif /* ENC_HAVE_OPENSSL */
2025
doloop(int argc,char * argv[])2026 static void doloop (int argc, char *argv[]) {
2027 int ms = atoi(getenv("ULTRAVNC_DSM_HELPER_LOOP"));
2028 if (ms > 0) {
2029 char *cmd;
2030 int i, len = 0;
2031 for (i = 0; i < argc; i++) {
2032 len += strlen(argv[i]) + 2;
2033 }
2034 cmd = (char *)malloc(len);
2035 cmd[0] = '\0';
2036 for (i = 0; i < argc; i++) {
2037 strcat(cmd, argv[i]);
2038 if (i < argc - 1) {
2039 strcat(cmd, " ");
2040 }
2041 }
2042
2043 putenv("ULTRAVNC_DSM_HELPER_LOOP_SET=1");
2044 if (ms == 1) {
2045 ms = 500;
2046 }
2047 i = 0;
2048 while (1) {
2049 fprintf(stderr, "loop running[%d]: %s\n", ++i, cmd);
2050 system(cmd);
2051 usleep(1000 * ms);
2052 }
2053 }
2054 }
2055
main(int argc,char * argv[])2056 extern int main (int argc, char *argv[]) {
2057 char *kf, *q;
2058
2059 if (getenv("ULTRAVNC_DSM_HELPER_LOOP")) {
2060 if (!getenv("ULTRAVNC_DSM_HELPER_LOOP_SET")) {
2061 doloop(argc, argv);
2062 }
2063 }
2064
2065 if (argc == 3) {
2066 if (!strcmp(argv[1], "showcert")) {
2067 enc_do(argv[1], NULL, NULL, argv[2]);
2068 return 0;
2069 }
2070 }
2071 if (argc == 4) {
2072 if (!strcmp(argv[1], "none") || !strcmp(argv[1], "relay")) {
2073 enc_do(argv[1], NULL, argv[2], argv[3]);
2074 return 0;
2075 }
2076 }
2077 if (argc < 5) {
2078 fprintf(stdout, "%s\n", usage);
2079 exit(1);
2080 }
2081
2082 /* guard against pw= on cmdline (e.g. linux) */
2083 kf = strdup(argv[2]);
2084 q = strstr(argv[2], "pw=");
2085 if (q) {
2086 while (*q != '\0') {
2087 *q = '\0'; /* now ps(1) won't show it */
2088 q++;
2089 }
2090 }
2091
2092 enc_do(argv[1], kf, argv[3], argv[4]);
2093
2094 return 0;
2095 }
2096
2097 /*
2098 * a crude utility to have this work "keyless" i.e. the vnc password
2099 * is used instead of a pre-shared key file.
2100 */
2101
2102 /*
2103
2104 #!/usr/bin/perl
2105 #
2106 # md5_to_rc4key.pl
2107 #
2108 # This program requires md5sum(1) installed on your machine.
2109 #
2110 # It translates a VNC password to a ultravnc dsm plugin
2111 # compatible key file.
2112 #
2113 # Supply VNC password on cmdline, capture in key file:
2114 #
2115 # md5_to_rc4key.pl swordfish > rc4.key
2116 # md5_to_rc4key.pl -a swordfish > arc4.key
2117 #
2118 # Use rc4.key with ultravnc_dsm_helper in msrc4 mode,
2119 # or arc4.key in either arc4 or aesv4 mode.
2120 #
2121 #
2122 $rfmt = 1;
2123 if ($ARGV[0] eq '-a') {
2124 $rfmt = 0;
2125 shift;
2126 }
2127
2128 # n.b. this is not super secure against bad locals...
2129
2130 $pw = shift;
2131 $tmp = "/tmp/md5out.$$";
2132
2133 open(MD5, "| md5sum > $tmp");
2134 print MD5 $pw;
2135 close MD5;
2136
2137 $md5 = `cat $tmp`;
2138 unlink $tmp;
2139
2140 ($md5, $junk) = split(/\s/, $md5);
2141
2142 print "128 bit" if $rfmt;
2143 print 'a' x 4 if $rfmt;
2144 print 'b' x 12 if $rfmt;
2145
2146 $str = '';
2147 foreach $d (split(//, $md5)) {
2148 $str .= $d;
2149 if (length($str) == 2) {
2150 push @key, $str;
2151 $str = '';
2152 }
2153 }
2154
2155 @key = (reverse @key) if $rfmt;
2156
2157 foreach $h (@key) {
2158 $c = pack('c', hex("0x$h"));
2159 print $c;
2160 }
2161
2162 print 'c' x 48 if $rfmt;
2163
2164 */
2165 #endif /* _X11VNC_ENC_H */
2166